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?^V^""EM. ANn M£^^'^-^QP '^Q^ HNC RYFFING AND D ECRYPTING FILES 



This mveniion relates graemlly to coniputer networkiv and more 
particularly to a system and method for encnpting and decnpting files lo 
enable secure exchange <>f infonr.ation in a computer ucivs ork. 



2 - Baekgfotmd An 

In its infancy, the Inteniel provided a researcb-orier=ted enviropj-net^t 
where users and hosts were interested m a free and open exchange of 
infonr>atioii, and where users and hosts rnutualiy rrusteLi one another. However, 
the iiiiemet has grown drasiicalivs eun'cntly interconnecting at leasi 100/)00 
coniputer networks md inillion^- of users. Because or its size a.nd openness, the 
Internet has becoTY^e a target of data theft, data ah.enUiou and otber mischief 

Vinuallv everyone that sends infomiation over the internet its vuioerable. 
Before sending a file, companies balance the benefits and ease of transferring a 
tile over ihe internet against the risks of potential unaufhorbed file access, 

(Me of ihe rrsost prjpular of ciuxent securily techxsiqnes is private key file 
encryption and decryption. A ffie may be encnpted and decx->pte{i using a 
private key knt>wn to all authorized nsers. Thus, a Ijle tnay be encrypted using 
the private key, forwardcti over a computer neiwork, and decrypted ns.nig the 
private key by the end user. Accordi,rigly, botls the enci-\pting party and the 
decrypting party must know the pr.ivate key. 

This encryption and decryption security technique does not solve 
problems arui concen-s of the roaming user, .F,a-.st, for exampk^., a roatning user 
must vnaiiUair; a pottable rcconi i,.>f all private keys so thai he or she can decn'pt 
or re-encrvpt files. ISiairrarining a portable record can be a lime ccmsuming and 
cumbersome process. Therefore, a syslerrj and metliod for encrypting arsd 
decrv-pbrig flies is needed to faciljiaie renK">te access to information resources in 



a oorwpiiccr nctwtvk easily and secuiely (without :;endmg keys over the 
tietwork). 



Thr prc.Ncni in\eiUion provides a x->*tcns .kkI niethuvi for ^ ncc>ptuii; and 
dccopting i'^les to eiuMc secure acct'i>.-? information ic-o nces n\ <i Ci->:ispute? 
nct^vutk I he s>stem and method ii<^lubute the tasbt oi ikcrypUim btn\. eeti Si 
"icv-^ci and ciiorsi, theK'by adding to trie level o-'seoim1y. f ho wlem and 
racthod prosido recogiii/ahk' beiieru:> lu a uoavork h<n«v, ^ misted client 
isOiu-'h pci forms the e"i^-:spUon\ ^ ser\ernvhich stores ibc encr.pted daUi and 
a buu>, ana ar imii ut>tc<.l client (where the user is cunentiy opcraimg). 
Deer.pt:on rtiav l>e pcfr<>rnicd at the .-.etvei or at die untiVi'-^fed ciicnu without 
lr;ui~vtef r^ng tlie key or a jmsc-jwouI ove: the network 

To encrvpt data, the caisted ehent gerieraies av. erscr>ptu)p decryption 
kev TIkU k-^, a Uc^er nuerrhce ohraui.x a pa«^-iword, generaikv fufn) a user A hint 
gir-ne^atos e^v-ncrates a hint, prefeiabi), a, p'-eudo-;arKiofn uuuibc? A kev 
L'eiierator generates d kev ha^cd on tbc pa<5sv> <"rd and on the hmt. In a mote 
secure, bat more eoni)^lex, embodiment enabli'ig server side or client- j^ide 
deception, the ke\ cqualr^ B(Hd!(F)). i!(H{PX liintfs. Manielv, a key gencratof 
ha-lH<5 the passwoio generate a *ns* •^cc-.et, ha^he--^ the n;^t .senet to gentrato 
a seciMid seciei. bashes the fast *?.V5et \^id^ thebhit to geiuaak" dv. uitem\i.d3dtt* 
index. tu>J ha^i;s.s ti\c seOv^nd secret ano the mtcrmediate nidex 10 gencr.^te the 
key. In a sitiipler, hut Icbs .^eeua, euihodtmeni Licihiatsni; chtnt-sidt 
di^c^ypnon, the key eqiialb h\xn) KanseK, a UNtr nUerJace ob:ams a 
pa.->s^\ord and a huit 5;etK-'rator gcne?atc<5 a hrnt t hen, lev gciiofator ha^hci> 
the pdos\*,ord and the hsnt ;o uer^^ra^t the kev An er.cr>pt,on tngiue can Oieri 
USE- the ke> lu CHv ispt da*a The eltera scraJj d"se cncivprcd d.xi<i ai\l the r.xnt (^k 
storage <.>t\ !he son <.r AHeruJUvoi>, ihv global --ervet caa s.enerak- and ok>re tlx 
oanie hint ^ndi, penvk^ntK 



Vo decrypl encrypted data, the key must first be detemiined. To 
MtnoT'dtc the key, Ihe ser. er knovs's some iafbrmalioxi and me user knows some 
inicirmation. For data encrypied using the more secure encryption embodtment, 
eiicru-side and .server-side decryption are each possible. 

In the cHem-side decnption case, a user interface obtaisis the password 
iTOiii the «ser. A eommurncalions engine retneves the hin?. iiorn the sers'er. An 
index generator hasbe<; the password to generate the first secret, and hashes the 
bint and ihe ilrst secret to generate the intennodiate index. A key generator 
hasihes the first secret lo generate the second secret, and hashes the second 
secret and ihe iniainediate mdex to generate the key. in the >sen'er side 
decryption case, the ooiutBUfhcations engine forwards the inierrnednUe index to 
the sender. The server, which tor this embodiment preferably learned the 
.second sccrei during account setnp, hashes ihe scccmd secret and die 
■mtcmiediate index to generate the key. h. will be appreciated that, because the 
scpv-er does not know ihe password or the fn-st secret (which is only derivable 
knownig the passvv-ord), the ser/er alone cannot compute the key. 

For data encrx-pted using the simpler encr>ptiot\ embcidiment, the remote 
client generates ihe key. .A user interfece obtains a password Irorn the user. A 
C4.rmrrmnications engine retrieves the hint and encrypted data froxii the server. 
A key generator flashes the password and the hint to generate the key. li vvili be 
appreciated that any number of hashes can be perfbrmed on the variables to 
compute the key. For example, the password nia\= be haslsed ro comptite a 
secret, and the secret and key may be ha.shed ti) compute the key, 

.A Itrsi system in acciifdatice with the present invention inchjdes a user 
interface for obtaining a password; a key generator cotspled to the user interface 
for hashing a hint and ihe passwc>Td io gencraic a key. au encrv'jHion engine 
coupled to the key generator for encrypting daia tuung the key; and a 
comunuiicaiions module cotjpied to the engine for sending the encrypted ditta 
and the hint, to a server ibr storage. 



wo mnMn wctmsmmmt 
A second system in accordance with the prescr:t invenlioii includes a.n 
encryption downloadable for deriving an cncrx'ption key from a password and a 
hint; a web sei^'er for sritertacing with a client, for sendmg the cncrj^ption 
d(?v*/nloadable to rbe client, tor receiviTig encrypted data that was encrjniled by 
the encryption do-vvnloaiiable from tbc client, and for receiving a bin! 
concsponding to tbe encr>'pted data and needed to regenerate the key from the 
client; and njcrrjory coupled to the ivcb sen'cr for storing the bint and the 
encrypted data. 

A third system in accordance with tbe present inventior^ inchides a user 
interlace for obtaining a passvv'ord: a cornniunications module for receiving tbe 
encr/pted data and a iiinl corresponding to the encrypted from a servers a key 
generator for hasriing the password and tbe hint to generate a key for decrypting 
tbe esicr>'pted data. 

\ fourth ^.vstvrn in accoid.ujc-' wrh tbe pie<;cnt uncntion nk'^ludc's a 
dccrvruoii dowrloidab v- fo? detivuxr; kc} f;o:7^ a [}a^<;^^•o*'d and a bine, 
nu rVv'^sed da;a a rnii orrespondmg trie encrvpteJ data, and a wA^ ccn-ei tO' 
interiacirg v/ith a cben:, artd tor sendnig tlie decrypiioit do^nloadabL\ tl e 
ercrypted da;a and tl e n vA to ti e ih-Jiv 

\ filtb -^\bteis> n accordance xMththc pt^scnt n\ont>ou ^ncltides .1 ai.->cr 
tntci-aec fo? obt..niing pasbvxvoni an tnce\ gener^o'- eocpled to taen-^e'- 
n-tcft;-ce (or genouitn^.g ais inLe"ineciate 'mkx honx d tnnt 'eceived fron^ a 
j.tntf ajd a ^tc^^.'t dtK>.\J ftom tbc pa*s%vo''d; a-sd a ^onin\Hncat;on- trgine 
coupled to t^xi mde\ generator for ^enduig tl c nrenrsedi-Ue irdex to the ..v'nc:. 

V c>?\-b ^>y?tcni m act. ot dance witb the present in^.entiv->n ^ncluds.-^ a 
st.ecr\dj^ccret ccncspssnding to a vto<.r, a dcct^p'ton (downloadable for 
gcner>^ting an interniediate uide^ f^orn a oasM\ oid and a h'nt, a wch <icn ex ^^t^ 
leeecvr^^* an vncicatu-n <>t ^..ro7^p^c^i dvita tv* vic^rsyttC fo^ rTanoruitting ',he 
deci vpt^ui downloacab.e ai'^d a bim Cv->rc>i3 nicinc to tbo ? idicati^.!n 10 a c'x'nt, 
jnd ior "x'ceiv -ne an mioiTiSw^baie nd>*\ froin tbc ehent and a ^e^ve. ,'c<;Kle.i! 



oKxiiile for deriving a key for decrypting the enciypted data twm iht second 
secret and the iiuenrsudiato isidex. 

One oforiiinary skill will recognize that the key is never ininsmicled 
over comp\itcf jietwork. Ir will be ftirlhsv appreciated ihut tb.e password is 
never transmirted over the internet. Thus, ex^en if a haeker somehow obtained 
the p;\ss\vord, the hacker coiVid not generate the key without obtaining the 
pwfcr hash functions and hint correspoiiding to the data Itoib the server (whieh 
requues proper identiileatic-n and authentication), it vsiil be hinhcr appreciated 
that, lor server~^=>ide decryption in tlie more secure err^.^odiment, the second 
seeret is ti'ansmitted ordy once across the network, preferabiy, at account setup. 
The second secret, alon^g wilh the first secret and the hint, are needed at a later 
time to generate the key. Thus, it wouki be practically impossible for a haeker 
to obtain all the inforrr^aiion needed to generate the key. 

It vsiii be even liinher appx-ceiated tl^.at, by distributing parts of the 
decr>pison function to the remote ciieni and pans to the server, it is noi possible 
for eidier site alone to decrypt data without acquinng eddstional intoniiation 
from the other site. One of ordiiuuy skill vvil! understand that by distributing 
the decfyption function bet wee?^ the remote client and server (referred to as 
doubk^ indirection), it is not possible for tlie global server lo decrypt the fne 
without acquiring additional infomiation iTc^m ihe rcniote client and vice x^ersa. 
Hence, otie ofordirsary skill will imderstand thai an urLauthonzed capture of 
information during netwcui tratisfer will fail to provide enough information to 
decr^rpt cr^crypted data, Therefcsre, the system and niethod provide a heightened 
level of data security. 

BRIBf- DESCRIPT ION OF Tflfi DRAWIN GS 
FIG. I is a block diagram ilhistratirig a roaming-user network access 
system in accordance xvith the present iTiveirdou; 

FIG. 2 is a block diagn^m iliu-snadng details of an example coraputer; 



HG ^ IS a blocl. dl'igrara illu^lTiJtiug deUiLs (^f the enaypibn 
Jovvish^isdablcr of FJG, U 

FKi ic a bUx'k duii>ran^ iiiiusnatsng details of tiic clu-ni decryption 

i<U i ^ K a block diagram filu^Lralirg deiasls of the sen cr dccr>'ptKni 
mod«k 01 1'lG, 1; 

F1<.J Ks a Howchart iHusUatuu\ a raethud of file t.nrv>puon m 
.icconiant s:> wrd\ ihc psci^ent invention: 

riCr lb a flowchart iliui>trjUT\^^. details of Le> gerierai^un imd n<K, m 
.icco-rt^mee wuk FK^ (\ 

IIG. S IS a ilevvchan iUustratiBg a methou of dtxi^-ptifig a file in 
accordancv xv kh the present inveBtKsB, 

TKl. 9 >^ a tlo^sohart -thL-^tra^^ng deiails of sener decn'ptuirs in 
accordance wi;th MG, <>; 

i K' 10 is a iiowciiait dlntttiati^g additional uctailsS of server decryption 
in jccouianco \sit!j 1 IG. 0, 

F[<'^ n a rlo\^ohan iilusirating detv^o.U of remote ehent deer}p1ion in 
acc^, irdaiiu' u itli Flix, 8; 

Fl<j 1 7 IS a ilovschaxi d]u<irK^tnv, «iother nKHbod of ener>ptmg Jala; 

and 

Mix, IJ IS a fKuvchart ii:ustrauni( another method of dcciyptniri c^na 
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DETAILED DESCRiPTiQN 

The following description illustrates gcDeral and specific principles of 
the inveiition and is not to be cop.sidered iimtting, 

FI.G, I is a block diagram iliusiralirsg an exempiary nenvork system 100 
for encrypiing aud decnpting data, in accordance witii the present inveniion, 
Neiwork system U)0 ccmjprises a global server 105 coupled via computer 
Tjctwork 1 10 to a local client 1 15 and to a remote cHent 120. The convpnter 
network ! 10 may include ox he a pajt of the wide area netvt'ork eonimonty 
relen-ed to as the Imernet. The global server 105 may be protected by a global 
frrewall (not shown), and the local clierjt 1 15 and remote client 120 may each 
be protected by a cheoi llrewan (riot sljown). 

The giijbal server 105 includes a contptiier svsieni that has an enctyption 
downloadable 123, a client decrj-ption downloadable 125, a server decryption 
module 130, a user database 135 and a web server 175, Tnenser database 135 
includes encrypted data 140, hints 145 and second secrets 150, It will be 
appreciated that global server' 105 rnay also include security ser vices (.rsot 
shown) for perforrnsrsg identidcation and authentication services t-;) condmi 
user access privdeges. 

For the invention herem, a Downloadable is executable or interj)rct.ablc 
apphcauon code, which is downloaded from a source computer snd ran on a 
de,stinatioTi corriputer. Further, the ter-ni "e.xecniablt'' inclnries "interpretabhi^' 
A Dovv'nioadable is topically requested and executed by <m ongoing process 
such as by an Irucrnet browser or web client. Examples of: Downloadablcs 
include iava^'^' applets designed for use in the Java^"' disrributing environment 
developed by Sun Microsysterrss. Irse., JavaScript^^' scripts also des-elopcd by 
Stui Microsystems, Inc, ActrveX^^" controls designed for use in the AeriveX*'^ 
distributing environuient devek^ped by ffie Microsoft Coiporation, Visual Basic 
alsi> developed by tlie Microsoft (.'orporatlon arid H TML, Downioadables may 
also include plugins. whieb add trs the funciioriahty of an aheady existing 
appbcatiO'S program. It will be appreciated that each Downloadable rnay 



inciiide on€ or tnorc applets, ooe or more ActiveX controls, one or more 
plugins, etc. or combinalsosis thereof. Although preferable, it will be furtbcr 
apprcci;:^ted tliat the Downloadable need noi be deleied upon logoff. 

The local client 1 15 mcludes a cotiiputer systett^ chat has a browser 165 
and unc«cr>pted <ial;,i 1 70. The remote client 1.20 inc]u<ies a computer sysletTi 
That has abrow.ser 155 and a data progratn 160 for viewing -le unencrypr.ed (or 
deer>aHed) data 1 70. The local client 1 i 5 niay be a 'Hiusted" client, and the 
remoie clicm; 120 may be an *\intiiisied" client. It will be appreeiaied that the 
dsftercace befweerr the remote clietU I2(.s and the local client 1 15 is merely that 
rbe user operares the local client 1 1 5 to cncrypi data 170 and Ihe user operates 
the ren^ote client 120 lo request deci->ptieHi of the data 140. The reinoie client 
1.20 and local client 1 1 5 tnay be the same computer. The tenn ''browser' is 
being U5;ed herein to include any engine for cormmmicating irr a network 
errv'ironmcnt, possibly nsi.ag File Traiisfer .Proiocol (FTP), HyinerTcxi Transfer 
Protocol (HTTP) and llyperTcxt Markup Umguage (IITMI.L It will be 
appreciated thm h>cal client 1 L5 or remote client 120 may include a s.rnan 
telephone, a Personal Data Assistant (FDA) such as the I'^aUn ilF™ system by 
the U.S. Robotics. Inc,, a laptop computer, etc. Although not .shcwv'-n, one 
skilled in the art v. il1 reeognize thai the local cHent 1 15 may also include an 
n>stance of the data pri.>gran! 160. Those skilled in the art will recognize that 
the data program loO tr^ay be a iMii processing progratn, an c-mml progratr^, a 
nciwork biwser, a calendar prog.rarn or another type of processing engine, 
..'Vccordingly, ihe unencrypted data \ 70 may ir.eludc fdcs, e-rnaih bi.H^kniarks, 
c:ilendar intc>rmaiior? or other type of data. 

The encryptmn. downksadable 123 enables the local client IIS toenciypt 
the unencrypied data I7(! and to srore the encrypted data bU) on the global 
server 1 05. ..'V fust method of cner>ptioTi is discu.ssed •with reference to FIGs. 6 
and 7, Generally, the encm>tion downk>adahle 123 generates two secrets fron-s 
a passv,ord and selects a raadorn r.umber hint 145. The encryption 
downloadable 1 23 iber? hashes ihe bint and the tlrst secret lo generate an 



lutcaneduue m.k \ Ihv cncryptkm downloadable 12S nm\ hnshes tiic irsdcx 
rsjid tlie second secret to gcticraty the key, which u.^ed lo cxiaypt the data 170. 
fhc encryption doswdoadabic 1 the?-? sends die ciici-\ptcd ddU 140 and the 
him \4t u> the ijlobal server 10*;, Adfeniaii^-ely the eucr\ption downloadable 
1 ?3 c^iB send ttio cr^cj>Pted data MO to ihc ^-\((>Ka ^»ervxn- M^5, and the global 
ocner 105 ca^s j;,enc;ate and store the sarnie bint '45 nidcpor^deruty. d: \^dl be 
vjpprc^ jated fhat a bash func-ion provides a non-te\er,-?ib!e ealealation of re.-^ult 
tbai preveiiii Jematjoti o'hhe orighud valuer. It will be appreciaicd that an 
embodjrutnt vdicrc the servei geneKite.^ the hnu, con^piitc:> iht kvV ftom Ihc 
;>feiet.=^ <ir-d encryp Is trie dtta i.v also possible, and ea<5ilv uaderstoodby one 
okiKed 111 xIk att fieni the teachings herein. H will be further appreciated (hat 
fde eneryptiun could ba perloaned by th^' F.lohal senxT H)5, For example, the 
unenenptod data 170 could he uploaded lo the global setvei 1 0^ xia a secuje 
mrisnnssit^n (ine and encrypted at the global setvfi 105. 

AvCiordingly, to decrypt the ouctyptcd data 140. the hnit 145 and two 
•^ecret<; as-^ociated with trie encTVpLed data I '10 must be dctenrju«ed. 1 o enable 
oheiu side decni>tion of encrypted CuU l-hJ, the euctvphou downloadable 1?3 
store-o 0-se hint 145 o:i the sdohal serxei 10^. To enabJ^; aei\ci-SKle decryption 
of the tneoptcd data 140, the encr^plion downloadai'ile 123 stores die hint 145 
and die second secret 1-^0 on tue ^:iohal server 1 13 1 he-^c iw^^ methods ot" 
Jectypliori are desenbed wifn leferenoe lo I'Kk-> 8-1 1 

Other leclniioues <.>r encrypt ion and decPvpuon, xshich alknv a cHeni: site 
115 1 2o to mamtani sonst inh>nnarion and tiie .server 1^)5 to mairta^n other 
mioiTj-iation tc-r deen>pritip dats 140, are .doO pr^ssible in hght ot the teacrnigi; 
hereas bot c\ampL\ in a snnpicr hut les^^ ^ecmc o;nhodinieut tl;ai faediiates 
chent-Mde deer vpluMv hic^erjbed in i;5 eater delad will; resort nee i'iCi^, 12 
and 1 ^\ the ke> equals H(F, hintX Ck'tKralh , a Ires s\(.,uen^toT lioVue^ a 
iva<is\\oid and a hia^ to L>enar3lo the \cy. I h^ Unit is stored on the idobal server 
and the password js known by the u^!. r AeeordingK. ior deeiypuoa. V-vo site 
Te^'pon.-^u^ihly :s still ?ieedeJ to g!,,a<->t,^te rhe key. 



The diem dccrypiion downloadable 125 pcrrorrns ciienl-side decnpiion, 
md is <kscribed with reference to FIGs- 8 aiKi 11. Gcncniii>-, the client 
decryptson downloadable 125 requests the pas^xvord from the user on the 
vernoie client 120 and uses die same hashing limciion io generste d^e t^vo 
secrets. Using tb.c secrets and the hint (downloaded from the global server 
105), the decrypticm downloadable 125 usies the same bashing algorithm as the 
ertcryption downloadabk: 123 ti.^ generate the same key. The deer>ption 
dowidcHKi^ble 125 then, ii^ses the key to decrypt the encrvpled fde 5 40. 

The sen'er decrypliori module 1 M) performs server-side decryption, and 
is described with reference lo FIGs. H~'\0, Generally, Ihe sen-aT dccr>ptic.m 
module 130 sends a downloadable (server decryption downloadable 505, FIG, 
5) a.ad the hint 145 associated with the eiscrypu'd tile 140 to ihe clier^t 120- The 
dccrvphon downloadable 5U5 Is described m detail with reference to FIG. 5, 
The dowtdoiidable requests the password from the uiscr and uses the same 
hasbiiJg -algorithm as the encrvption downloadable to gencraie the I'irsi secret. 
The downloadable then uses the fusi secret atui the h;i.nt 123 in die same 
iiashing algoritlmi as the encryption downloadable to generate the intermediate 
index, rhc dowitloadable then sends the inde.x to chc sci-ver {tccrvption module 
130, which uses the intei-mediate index and tlie second secret 1 50 to gcnenstc 
the key. 

It will be appreciated that tlu^ second .secret rnay have been stored on the 
global ser\'er 105 dnri.ng the setup of" tlve original account Timt is, at account 
setup, a dowtdoadablc havmg secret generation i.x>de may have been sent io the 
aser, fur example, at the local client 115, v.ho inpuis a r^assvs ofd. The 
downloadable then generates the second secret 1 50 and forwards the second 
secret 150 to ihe global server 105. It will be appsreciated that die second .secret 
1 50 alone is not enough to generate the key, since the intermediate index is .not 
Inown, ft win be apprccu.ued that, tor this cnibodh'ne.nt, servi?r-side or client- 
side dcciyprioTi could he selected based orj the security level of the 
com.m>rnication clia n.nel between the client 120 and server 105, on client 
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terminal is'pe {e g,. pnvescv!.r pov»er>, oo the skv ofthc tlk" xC,g., the iongOi of 
liinc it will lake cit^waload the ille), oi on usci preference'^. FurthcT, scrv'ci- 
suie ur ciitnt-Mtie Jeci-vpti<m can be d.HeurJneJ .U :ho Umc oi dccryvUon, di the 
time of tTicryprion, at account ^x-cup, «x at aay other tmie. 

The web isctver 1 14 providiJc; web page data and wtb pagt tuner jonality 
to chetUs, »i;ch a5 to the ^cmotc clionl 1 i^'* or to Iho k^cal eliesir 124, Punidm^' 
v.eb pa^'e runctK>na;dv and (iata may i^u hioc transmitting doxvnloadahscs such 
as the encryption downloadable 123 and tl^e client decryption <jownlo?sdab!e 
125 io the clieius, 

FIG. 2 is a bi<?ck diagran^ iiiustrating a cot\iputer system 200 whieh 
illustrates details of each of the gh)bal sei-ver 105, the local client 1 15 and the 
remote client 120. The eoinputer sj-stern 200 includes a processor 205, such as 
an Intel Pentium*' microprocessor o.r a Motorola Power F*C* microproees.sor, 
coupled to a corminnncations channel 220, The eompuier system 200 fi^rther 
includes an input device 210 such a.s a keyboard and mouse, an out^mt device 
215 such as a Cathode Ray Tube (CRT) disphn', a cornniunications device 225, 
data storage 230 such as a magnetic disk, and v.'orking ii^einory 235 such as 
llandont- Access Memory (R..AM), each coupled to the communication.'? cha.unel 
22(5. The coxtimu-tiications channel 220 may be coupled to a computer netwod. 
1 10, CMe skilled in the art will recogr^.l^e ihat, although the data storage 230 
and w<.irking memory 235 are illasiratcd as separate units, data storage 230 and 
svorking ineinory can be integrated or partially integrated units. 

An operatirig system 240 controls processing by the processor 20.'>. and 
is typically stored in data siorage 230 and loaded into working memon' 235 (as 
illustrated) tor execution. Ofner programs and data 245 such as browser.-^, 
servers, downloadables, unencrypted or encrxpted data, etc. may also be .stored 
in data storage 230 m\d loaded into wcaldng memory 235 (as dlostrated) for 
execmion by processor 205. 

One skilled in the an will recognize that the compnier system 200 may 
also include additional inlbmiation, such as network: comiections, additional 



niemory, addiuonal pn>cejs?^ors, l.ANs. iiiput'Output lines tor transiening 
information across a hardware channel, the internet or an hilraact, etc. One 
skilleii m the an will also recognize ihat tlie programs and data may be received 
by and stored in t'ht. system in allerncUis'-e vva>-;;. For example, a computer- 
readable storage ?r.edj.ii.m (CRSM) reader 250 such as a floppy disk drive, hard 
disk drrve. CD-ROM reader, magnelo-opiical reader, CPU (for RAM), etc, tnay 
be coupled to the cornvnuaucations cliamicl 220 for reading a computer-readable 
storage medium (CRSM.) 255 sueh as a magnetic disk\ a hard disk, a magneto- 
optical disk, RAM, eie. Aeecjrdingly, the computer system 200 .may receive 
prograTns and data via the CRSM .reader 250. 

FIG. 3 is a block diagram illustrating derails of ihe encryption 
downloadable 123, The enci-yptioti downhiadable 123 includes a user inierfiice 
305, a key generaior 3 10, an encrvpiiori engine 3 15, a global sender 
communicat.io.ns engine 320 and a hint generator 325, The user interface 305 
includes code for causing a cotnputcr ro present inibnnation io and request 
i.r.i .format ion from Ihe usei, i-'or e,H:arnpie- ihc user interface 305 requests 
identifuration and authetwication irsfonnatioii, and a password and identification 
of the onenerypred dala 170 desired to he enctypted. The key generator 3 10 
includes code t:br generating a key for encryptiiig data 1 70. As described 
above, the key gcrterator 310 performs an algorithm of generating .tlrst and 
occond secrets from a password, ha.s.hir^g the iksi secret and the bi,nt 145 to 
generate an inierinediate index, and hashing the seetmu secret utkI tiie 
intermediate itu-lex to g.enet>^tc the ke} . During the key ger=eration process, the 
key gener^iior 310 requests the hint gencrahor 325 to get^erate a random number, 
preferably of variable lettgth, to be the hint 145, The encrypiion eogi.ne 315 
ir-cludes code for usisig the key and an encryption algorithm, e.g,. symmetric 
algorithms. DliS, triple F>h:S, BlowFish. RC-S, etc., to encrypt the uncneryptei.! 
.file i70. The global server coiTminrsi cations cpsgitie 320 includes anv code 
needed Cor comritu ideating veith the global server lh*5, e.g., for sending the hint 
1 45 isnd the erKr>ptcd file 140 and, if necess;rry, the second secret 150, to the 



slobal server 103, It. will be- appreciated that the global server 105 may inchide 
a hint generator (tiot shown; to generate the same hint as generated by the bnit 
genenttor 325, Accord iagly, tVse local cheru 1 15 aeed not forward tiie hint to 
the global server 105. A nrethod of enci->ptir5g data is described .in -detail Mlh 
reference to FiGs, 6 and 7. 

It will be appreciated that, for client-side decryptR-m, the system may 
altemaiively not generate a secret at all. Alternatively, the system may pcrtbr-fi-i 
eaiy number o.f hashes of the variable password and variable bir.U, .For example, 
lb=e key generator 3 10 rnay hash the password atK.! the hint to gene,fate the key. 
When a request is .received tor elient-side decryption, the client decryption 
dovvnioadable and tiint rrsay be transmitted io the remote client 120. The clie.r.ir 
decryption do^vxiioadablc can request the pas.sword, and hash the bint and 
passwo-rd io generate the key, A backer obtaining the iransmiiied hint has 
msufficier.t information to gerserate the key. Two secrets are generated for 
server-side dccnption since the bird and intermediate index must be transmitted 
across ihc network 1 10. A second tevei of indirection is therefi.>re needed, la 
either case, the task of decryption is distributed between the global se.rver I OS 
and remote client J 20, and the key is never transmitted across tlie network 110. 

FIG. 4 is a block diagram illustrating details of the client decr>^>tion 
dossruoadable 125, The client ckcrv^tion dowrsloadable 125 includes a user 
interlace 405, a key generator 41 0, a decryption engine 41 5 atui a global server 
cor.rs,munieations engine 420. The aser intenffice 405 is sin>dai' to the user 
interface of the encryption downkiadable 1.23, and includes code needed for 
causing a computer to p.resent mdonrtaaon and request information .from a user. 
For example, the user inierfacc 405 reque&ts identification and authentication 
iriformaison, a password and identificadon of the encrypted data 1 40 to be 
dcc^Ttcd. fbe key generator 410 includes code for generating the key using 
the same algorithm as die key generator' 3 It) of the encryption downloadable 
12.'^. That is, preferably, the key generator 410 uses the password r.o generate 
the .first and secotid secrets, hashes the hint and first secret to generate tlie 



intermediate index, and bashes the second secrei and the buermediate index to 
generate die key. Lastly, the decryption engine 41 5 includes code for Msing the 
key and a decTyption aigorithn-i, e.g., symmetric algoritraiis, DES. triple DES, 
BlowFish, etc., whioli is associated with the encryption algorithr?i used 

by d^e encrvptiori engine 31 S oirthe encn7)tiot^ downloadable 123, to decrypt 
the encopted data 140. The glol>al sei-ver eonimnnications ergrne 420 includes 
any code t^ceded to connnnnicate with the gh)bai Berver 105 to receive hints 
145 and encrypted data 140, A metbod of decryption is described in detail svith 
reference to FIGs- 8- i b 

FIG. 5 is a bhxk diagram illustrating details of the server dec-o^tioB 
module 130. The server decryption module :I30 includes a server deci-yption 
downlcsadable 50.5 and a serve?- r&ild^ module 510. Th=e seiner decryption 
downloadable 505 inekides a user inieriace 5b5, an index generator 520 and a 
global server cormiixmicalions engine 525, Tbe server resident nnodule 510 
includes a key generator 530, a decryption engine 535 a.rKl a remote client 
cormnunications engine 540. Tiie user interiace 525 is similar to the user 
i.aterface .105 <?f the eficrs'inion dov,'nloadabie 12.* and to the user interbice 405 
of the ciieni dectypbon downloadable 125. The user interfa.ce S).5 mc hades 
code for presenti.ng information to and reqnesdng iTiformation fron.i the user, 
such as identitK-adon and authenticaiion information, a password and 
identificaiiovj of encrypted data 140 to be dect>pted. The mdex generator 520 
preferably njchtdes code for using the pas.sword l.o generate the .tlrst .secret, and 
.for h.ashing the first secret and the hint to generate tbe intermediate i,ndex. The 
global server comrnnni cations etigine 525 iTH-;hides code for comniiini eating 
with the global .sen-er 105, e.g., b->r .receiving hints 145 and decrypted data, from 
the gloiial server 1 05 and sendirig the intcrmiCdiate index to the global .sen-er 
105. 

Il\e key generator 530 preferably n>clndcs code for nas.hing the 
intermediate index and tbe second secret 1 50 previously stored on the global 
server 1 05 lo generate rbe key. 11. will be appreciated that th.e secoiKi .secret. L50 



may have been received at account creation, during a previous transaction or, ii" 
necessary, during, tiiis iTansaclioiL The dccryptmn engine 535 is similar to the 
decryption enghie 415 of the client decoption downloadable 125, and iachides 
code for using the key and the deci>p^i<>n algoriUiv« associated with die 
encryplii>n algorithm performed by the cncrypuon engn^.e 31 5 to deonpt the 
encrypted data 140. lli.e renK>te client commut^ications engine 540 inclndes 
any iiecessrny code ibr sending the decrypted dati^ to the remote eliom. 120, if so 
reqaest«d. 

I'lG, 6 IS a flowchan illustrating a meth$xi 600 ofencrj/pting data =70 in 
network system 100. Method 500 begins by Ihc local chent i 1 5 in step 610 
rcquesthig storage of data 170 on tlie global server 105, Step 610 may incknlc 
contacting the gioba! sender 105 by its UM.. and selecting the data storage 
option from its web page. The web scr/cr 175 presenuiig the web page may 
further request identification of the data 170 oti the local client 1 15 to be 
encr>'pted and j^tored- The global ser/er 105 m step 620 yends the encryption 
downkiadable 123 to the local client i i 5. Alternatively, the encryption 
downloadable 1 23 may be a p>errnanently mstalled component, stored on tlie 
local client I 1 5 via, for example, a floppy drive or an internet link. 

The kscal client 1 1 5 in step 630 executes the encryption downloadable 
123. possibly using the applet-enabled browser 165, installation software 
initiated automaueally, AerivcX^^' controls, eic, to encrypt dara 170- Deialls of 
step 630 are described with reference t<5 FIG. 7, I'he local cl .ient 115 hi step 
640 sends the encrypted daia 140 and the hint 145 con-espotuiing to the 
encrypted daia 1.40 to the global server 105. It will be appreciated that, for 
global server decryption, ihc locA client 1 ; 5 it^ siep b40 may also send the 
second secret 150 associated ^silh the u^er\^ pass\u)ul to tl>e global server 105. 
However, preferably, the second seerci 150 h<'s bcj.u pr<, viously stored on the 
global server 105 before m-tuxtion of tins curren: request. sucl$ as at account 
seiup. Method 600 ihcr? ends. 
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FIG. 7 is a ilowchart illustrating details of step 630 as a etcthod 700 or 
encrypfeg data 170. Method 700 hcgms with the user inkirface 305 of the 
encn^^tior. dou'nh>adable 123 in step 710 reque^jimg the password Ixom the iiser 
or. ahernalively, from another computer or subroatioe. It will be appreciated 
fhat the password chosctj will not be tiansttntted over the computer network 
1 1 0, tb.ereby increasing the level of security. The key generator 310 of the 
eaci-}T>tiGn dowt^loadabk^ 1.23 in step 715 perfortos a one-way hash of the 
password to geiierate a first secret, and in step 720 perf<.irrns a cmc-way hash of 
Ihe fsrst secret to generate a .secovKi secret 150. .ii will be apprechried that any 
two secrets cait be tised, however, two nested hashes of a password provides the 
best mode known for generating secrets and inininsixh^g the data needed by a 
user. One of ordinary skill in the art will understand thai each one way hash 
function provides a non-reversible ealeulation that prevents derivation of the 
original password or input vame or vahies. 

The key generator 310 of the encrj'ption downloadable 123 in step 725 
inslTiKus the hint generator 325 to generate a liuit. The h'mt generator 325 
generates a ervpiogtaphicaliy .seaii-randorn number, preferably of variable 
length, atK"! forwards the nnnibcr to the key genemtor 3 10 as the hint. The key 
generator 310 in step 730 per farms a one-way hash using the hint aiid Ihe first 
secret to generate an intermediate i,ndex. The key generator 310 in step 735 
perfomis a one-way bash tirnction usnu^ the intermediate index and the second 
secret to generate the key- Accordingly, the encnption engine 315 in step 740 
encrypts the unencr>pted data using the key. Method 630 tben ends. 

FIG, 8 is a tlowchari iihistrating aAiieihod 800 of decrypting encr>'pted 
data 140, in accorda.nce with the present invention. Method 800 begins witlt 
the browser 155 on the remote client 1 K) in step 810 reqnestrng access to the 
encrypted data 140. It will be appreciated that remote client 1 1 6 may only 
reqncst a portiorj of enetypted data 140. In step S20, a detemiination is made 
whether to per&rm. client-side or ser/cr-side decryption. This dcienninalion is 
preferably made by the original user setting a preference at account .setup or at. 



ihe time the encrypted d;ila 140 being requested wns placed on tiie giobni server 
lOS. 

if scrvcv-aide dccrvption i& selected, then the global server 105 in ^tep 
8;>0 execuies the decrypticm algodihin, described m greater tietaii with 
reference lo PlGs. 9 arid 10. Method HOO ther. proceeds to si:ep 840, If clict^t- 
side decryption was seiecled, iheti die global sender 105 in slep 850 semis the 
client deeryplioti downloadable 125, hint 145 and er^crypted data to Ihe remote 
elicni 120. The browser 1 55 in step 860 executes the cHent decr\'ption 
dovvrdoadable 125. Meihcsd WJ then proceeds to step 840, 

I'hen, i« step 840. the retiiole chent 120 can, for examph^, access the 
decrypted data. In anolher example, the remote chent 120 in step S40 can 
attach the data io -m e -niaii and tratvsniit the e -rnail to another persoiit. in yet 
anotl^n- exatt^ple, the remote client 120 in step S40 can encrypr. the data using 
a?vother person's key, attach tlie data to an e-tnail and transmit the c-niaii to 
another person. It -vvill be appreciated that, in cither ease where an e-mail is 
being seru, the global sei-ver 105 need not doxvmoad the decrypted data since 
the remote chent 120 merely tratis.aiitting the e-mail and data to anoihcr person, 
rbe global server 105 can pcrlbmi these slops <m behalf of ihe remote clienr 
120. Metho«.i 800 then cmis, 

FIG, 9 is a flowchart ilUi^nrating step 830 in greater detail as a method 
S30 of sender decrypu on. Method 830 begin.s with the global server 105 in step 
910 setuiitig to the retnote client 120 the sen-er decrypuon downloadable 505 
and hint 145 c<nTesponding to the data selected. The remote chent 130 in step 
920 executes the server decryption <Io\vnloadable 50.5 lo generate and jiend th,c 
inrermechatc inde.^c lo the global ser\''cr 105, described in greaicr detail ■vvith 
reference to FIG-, 10. The ke>- generator 530 e-^f the server resident module 5 1 0 
or? iht' global server 105 in step 930 pcT trirrrss a orse-vs'-ay liash function of the 
second secret 1 5() eorre^pondtng to ihe user of the remote clieni 1 20 and the 
interrr;edi;^ie ini.lo, to generate die key It. will be appreeiared ihat step 930 rna>- 
include multiple hashes of die second secret. hii.us and inde.s. to geneiaie the 
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key. In tiie preferred ernbodinient. step 930 is more than concaleriation of the 
second secret and intermediate index. Step 930 snay ccmiomi to PKC'S 
standards or FIMAC siandards. The deci^ption engine 535 of tke server 
resident module 5 iO on the global server 105 rn step 940 uses the key to 
decrypt the requested encrypted data 140. In step 950, the global server 105 
can, for example, send the decrypted data to fne remote client 120 or 
alternatively ersabic the remote client 120 to perform sorne action on or 
manipulation of the decrypted data. Method 830 then ends. 

FfCI 10 is a Oowchart iUnstrating step 920 in greater detail, as a metliod 
920. Method 920 begins sviih the index generator 520 of the sender decryption 
downloadable 505 in step 1010 requesting the password from the user of the 
remote client 120. The i,ndex generator 520 in step 1020 performs a one~wa>' 
hash functioti of the password to compute the ftrst secret, and in step 1030 
perixm^-ss a one-way hai=h fi.mctto,n of the first secret and hint 145 to generate tl-e 
intermediate index. The global sen-'er conim.unicatiorss engine 525 of the server' 
decryption downloadable 505 sends the inde.x to the remote client 
comnvdnicauons engine 540 of the seiner resident module 5 iO on the global 
sen'cr 105, Klethod 920 then ends, 

IdG. n is a flowchart illusti-ating step S60 .in greater detail, as a method 
860. Mettiod 86(.s begins the key generator 405 of the client decryption 
downloadable 125 in step 1 1 1 0 requesting the password frarn the liser of ihe 
remote cherst 120, Tlie key generator 405 in step 1 120 performs a one-way 
hash function of the password to generate the urst secret, and in step 1 \ 30 
performs a one-way ]>asb h^nction of the first secret to generate the second 
secret., fhe key generator 410 in step 1 1 40 performs a one-way hash ilmction 
of the first secret and trie hint 14.5 to generate the intermediaie index, and in 
step 1 1 50 perfonns a one-way hash ante (ton of the second secret and the 
i.nter.rncdiate index to generate the key. The decryption engine 41 5 o,f the cLient 
decr>ption dovsmloadable 125 in step 1 160 uses the key to decrypt the encrypted 
data 140. Method 860 then ends. 



One ol: tH<.imdrv skill \mL .ct'^gni/v'' that ^he kr> !s «cv<-i -lausirjued 
c vcf compiiter iiefv^s^iV. \i ill be findie' app!t\''\red thai the pacvS>'''vOTd is 
uev ."r traroru ucJ ox, ci the ^ntcmc* '\cc ordir gl\ , ^iht ko\ tdiinot be gererateJ 
r ven ilal .es '5<^»nK-iio\\ c^btaricJ tho :\ os>U'rJ the kov cou'd xK^t be 
gjrK\.reii vMtLoUv vobta Jing tbc p ope \dAi (unct.v*ns and hint uixrc-^pond^np 
ti^:nedti 'CTi tbeg^^Kil ^u\u tu"^ usbich stvuircN psop^j u^uitifu.mon an i 
.iJuhLTwC .^nun ) It \\ ill be f urlht: .^DpTet uit^-d t}\.t tje ^^co-id seco-t 1 5 J > 
uan-^rr,ttod oris unco . ^ ro-<5 th«. neax oik 1 io, and needed at tlie trne the ddl4 in 
to be decr^ted . 

It \^ hi be e\ cn turtLer ar>r>"s.'c:dted that bv d i.tnbuim>i pan? ol the 
Cccty^uon luncuori to .hf rt'irute .-.''fni 1.*!'* 3nd naits ^> tbe g'ohdl ^crvc" i(o. 
It ^^ not posiaibie fot eilhf £ ^itr aloix. to dccnpt aata withoU f..^iu nrg 
..ddiUonrJ -ntoimat on t'om tiio otKei iito Otio uf ordiri^rs ->kill w:^I 
understand thai b\ d i-*:.huljri* *hc f^!. v n prior imct on bciveeii the ^ciiwic 
chom zivi %. ob*ii ser. e. (refeiied to a-v roi^blc ruhieci oii), i rot pos-^>bk 
tlx globdi --^ r^t:-! to det.n'pt tho p!c ui>hoiit <.cq\Ji'j<> iddit omi nlom.i .^on 
tiom the icmote ^'^ent Hence o:ie o v>Td3ri^rv j>kill \sd. ULda^^land * iii an 
un imhv!Ti''od captuR uf lolonnauon darsrg n^. u^ork iTaii^^lcr will tr^ to ro\ ide 
enoiu'h niomiar.o i t-^J de<.npt ciu tvpttv data U.'^ Iherjiore, tne s\ 'stcui ,>i,d 
HAtho?^ p'o\.d^ a hovi'hrcjed kne' ^ 1 data scci wy 

\\C P !<; a tKmehan dhi.-tu'trv ^in:;pk civ-nplH^n f^icthod 12v.'<'^, i.i 
i.uordance ith die pr.^trt nr- tJioti Nkthi-^d ' bej^ins x% ita the >^NeT 
intetfaLe sO^ *n --tc p L"^ ^ iceacstiug ^ -v-sv* oul ae hTi gonefaKn ' ''"^ tri 
step 1 ,0 ^.^eaeiates a hint The k^v gencuitoi ■> 0 ;n ot^p *21> hashes tU hsi t 
arJ tbe p i^ss^, i.?ra t^? gor eiato vie kes i he en^rvptK n enpint 1 ^ m 6top i220 
as.\^ ihe ke> lo enc l'^ pt d.t<. Sh tuoj 1 ''Os? \h. n s 6 

i kr i'^ i^. a ,h>\\ chart lOastiat.':*: a Mnip'o d.-. rs.>hon ineiho i 130'! foi 
dccrvprng dati enerxtsted umiv cPv^st^tion oie*b<>d ' 'oj Method nC«J '^cgKs^ 
V ivh the .eau'*c chert I2t^ in step : h S leq cssr.r^' at.<.eso to tncrvptcd daM Ufs 
toicJoiithe NtTsef H'^ TK vt\c. J*'^ ni -Vp I " KHeodv- 1 le <.nv rvon d Ja'a 



140, the corresponding hirst 145 and at least a portion <if ihe client decr>ption 
ikjwnioadiible 125 to the remote client 120. The remote client 120 in step 1315 
execiiics the decryption downloadable 125, The user interlace 405 in step 1320 
requests the passsvord iron^, tbe nser. The key generator 410 in step 1325 
hmhes the password and the hint to generate the key, i hc decryptkm engine 
415 in step 1330 ni5e>5 the key to decrypt the encrypted data l%0. Method 1300 
then etjds. 

The foregoing description of the prefen-ed err^bodiments of the present 
invention is by way of example only, and other variations and modificaiioris of 
the above- described emboditrienis and methods are possible in light of tbe 
foregonig ieaclung. Although the rsetv/ork sites are being described as separate 
and distinct sites, one skilled sn the an will recognize that these sites may be a 
part of an integral site, may each incujde portions of multiple sites, or rnay 
include combinations of single atid muitiple sites. Further, compo.nents of this 
invetnion may be implemented wsit^g a programmed general purpose digital 
computer, using appHcadon specific integrated circuits^ or a&ing a network of 
interconnected con%^endonal ooii-sponents and circuits. Connections may bo 
wired, wireless, modeuj, etc, Tiie embodiments described herein are not 
intended to be ex.hansiive or limititig. The presejU- invention is limited only by 
the following clairns. 



WHAT IS 



i penoi uiST^g a hashing aigonths:n on the him avA die pao<;word to geaerate 

a kev; 

i> cncrxpting data u^ui^r the ke> ; and 

Si nJifjo the enciyptti^ Jv^ta lo a jic^vc; lo$ .^tC'rage, 

2 1 he mecbsxi t^f cUini • , i^rttn sht- f^tco of pt'Tfoiiinn^^ a hashing 
alg^.Jisdim inc'iideji ha-^ning ihe pasi>\void 

1 3, The oie&od of claim 1, 

2 whesciB die step oi peilorrrung a iiashi$-!g algonthm n^ciijdes liashini? the 
pai>-^ to ik n% e a first ^>:;crct, haxdinig the ar::.t secret to del n e a -^ecutul 

4 'secret, ha^^hing the hint and ihe Cu&l secret to g<:<nervi.te an raceumcdhiTr indcK, 
and bashing ihc inii^mieJiato uktex .lud die second secret to generate tho key. 

2 a ij<?er uitertaee for i)btvdnitig a pa^is^x'ord; 

3 a kc> ycrstrituT '/ouplcd to the iji^er uite?faee for pcfformus*^ a ha^hnig 

4 <dgornhn^ on hui; ^aid the nas^\v(>rd to generate a kev, 

5 encnption cngirse coupled t<.> tiie key generator for eTKTypt:r-g data 

6 iL-xr-g. ihe key, and 

7 a tunnnauieacions nnxiide eoupled to the engu'e for sending the 
S envTVpted d<da to a st-rstn to? ^K'Uage 



1 5 The svsiem ^.uciann 4, author ee-nipn*-KiK o. hmi '^.-^ncuttor i^enerating 

2 the hint. 
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1 6, The system Cffclaini 4, wheixrin the key generator hashes Ihe passxvord, 

1 7. The sysicra of claim 4, wbereio the key gencratfjr hash^^s ihe password to 

2 derive a first secret hashes die first secret to derive a second secret, hashes the 
bint and thsC tlrsl secret to generate an intermediate index, atid hashes the 

4 intermedi;ite index and the second secret to generate tiie key. 

1 <S, A system, e<iniprismg; 

2 mear\s for obtaining a hint; 

3 means for obtaining a password; 

means for p?eTforrnsng a !>asbing algorithm on the bint and the password 

.5 to generate a key; 

6 means tor encrypting data using tl^e key; atui 

7 means for seadiag the encr>i:^ted data to a sen'er for storage, 

L 9, The system of claim v.vherein the system includes code stored on a 

2 coTupp.ter-readable storage medium. 



1 10 flic systen> of ciann therein rbe s>sicm includes ec^dc embodied in a 

2 earner wave. 
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} n, A meiuoj, compnf^mg 

receiVHJg <i request lo 55ioie enon-pted data from a clicnl 
st^n Jiini?, an encrvT'tK>o Jo\\ ruo.hlarle k>r d.-ris ibg a kc> i^f encrypt data to 

4 tlie client; 

r TCCv^iv ui,?, oncnptod dau ih.*t ^va.^ c:icnpteJ b> ihe eiia> pikm 

6 dos^ nlo;ul<iH|e fVoni ihe client aiul 

7 ohtauursjj 'i huxi^ conespcnding to the encrypted data and needed fox 

8 jcgenerdting the key, and 

9 .^toi uig the mil and tlie encr >'ptc<i data. 

1 12. A system^ coiiiprising: 

2 an cncr>piion doxMdo«dnbic for dctivit^g an oiicr^plKm kty frem a 

3 pasf.\v ord and a liiut, 

4 a --xeh -server lor miertacmu \^ ith a eh.enu lor ^cndhv^ the encrsption 

5 downloadable to thi- etkni, and kn civsng encnptcd data thai was eucrvpled 

6 thf c:iei\p?ion downloadable >Tom the cUenu and 

7 trscm.^rv eonpled to tiie x\eb seivei lor t^toiing a hint coitcspondnig to the 
g cnerypied data and needed to te^^eneratc *he kc> from die client and the 

9 encrypted data. 

1 Client- 5ide deeryptsori 

2 13 A \nedK\l, eora^'usmg: 

3 o-ntai rdnj-' a pa-isv.'ord; 

4 receiving enervpied d^la and <j liuu C'MTespondini^ to the enn)pti.d kUu 

5 from a server; mid 

6 peitbninn^- <\ hasbntr akouthm on ?he passsvord an j the iutu lo generate 

7 a key V^i -A eryptu ihf enei>pied data. 



1 '4 'I ho ir.ed^od oi claim 1 ^^betein the <;iep of pextK^immy a hci^hin^i 

2 akonthni inclside^ 1 ai.lunp tb.e p.^ss^x oul 



1 15. A system, comprismg: 

2 a user n\terface for {teinirsg a password; 

3 a consmunications module for receivmg the encrypted data and a hirst 

4 corresponding to tlie encr>7>teci data from a server; 

5 a key generator for performing a bashirui algorithn> on the password and 

0 the hint uy generate a key for decrypting the encrspted data. 

\ \b A system, eomprising: 

2 means for obtaining a passw<>rd: 

3 means for receiving enei^ypted data and a hint corresponding to the 

4 encrypted data from a server; and 

5 meaiis (or performing a bashsng algoridim on the password and the Irint 

6 to generate a key for decrypting the enervpted data, 

1 17. The systern of clain- ) 6, wherein the system includes eode sto."ed on a 

2 eoTnpnte.r-readable storage iBedium. 

1 |\ The systersi «f eknni id, wherein the system ineludes eode embodied in a 

2 can~Kruavc 

1 rreihod, eeenprising-. 

2 rt'.-f ^ \ rrtg rdentifica'-u-in of ener> pted d^ita. 

3 sending .t. decj-yption do^Anksadabl^ l<->r aenvnig a ke> fron pasi,\^erd 

4 and a hint ro a ehent; and 

5 sending a hinl gorrc6p<,'ndn.^i to the er.cjypHx; data to the e.rent. 



gxjj Tcrmmmmi 
A ^yiiWm. conipnsirg- 

a dcc^\ ptUMi Jown'viadahlc tor derivrag a key tron\ a p^.'^sword and a 



crtcr ypicd diita, 

a Innt conc-^ponduig lo tho cncn-pted daia: and 

a wob reiver lor 5iUiriacim> with a cl^cnu wkI foi seaduii> the deciyption 
do\vr5k><idabic. ifc cncwyti^A daia ^nd the h?ni thv dknl 



] Server- :>u1e decnptton 

J .n A chent bai-^ed mcdiod. v-ompn<5ing; 

3 otnaiumg a pi5SWv.>rd, 

4. del K'ing a tir-;4 secret from the pub&v^'oni. 

^ fcccivHsg a hint cosTCbpoisding to data to he deciyplcd th^iB a scrs er; 

deriving an inlcnnedkte ^ndex frem the firxU ^ectel and the hmt: and 
7 setklsng die intcnnedhxte index ia die s-cn'cr, 

1 22 , The method of claim 2 1 , wherein deriving the first secret includes 

2 bashing the password. 



WO0l/i35T2 FCmiSIM>mM2 

1 23, The method of^ckiim 21, whereui deriving ars iniermediaie ir^dex 

2 includes hashing the ilrst secret, and the Unt 

2 <i i^-er micr lace tor ohta unrsi:, a |\i.-svv ord; 

i iisi mde\ generator coupled to the use? mtvA face for gei.erating an 

itucrrtied^iiiie r^io: from a hint received fjom a ^;or/er and a secret derived from 

5 tiie pas^rvvord, and 

a coTYKnunicarons t-nginc co^upkd to the index generator for sending the 
ujtermediatc mdex to rhe server, 

i 25. The s>>?iejr< ofclami ?4, vvberein the iiide\ generator generate the 
imerniediate ir\de,< by handling the hint and the sceret 

2(5 A -^YiSte:ri, conipri^ins': 
? nte,ui5 for obtaining a password.: 

js fpeansi for deri^'ing a first secret from tbe pasjiword; 

4 means tor toce^'sng a hint correspoiidij\g to data to be decrspted from a 

> <;erv er; 

nie;«is lor denving an inten-stediate mdcx trorrii the first secret arjd tbe 
7 hsnt, and 

mean,'? fc.T sending the interTnedia?e index ro the ser/er, 

! 2'^, The s>ste:-n of ebini 26, wherein dte system includes code stored on a 
<:<MnputeT -leadaHe storage medium. 



2^^ i he >vc-tem of elairn 26, wherein tbe system incluries code embodied in a 
earn^t ave 



1 \ senxr-based method, cottiprnms; 

2 rccei\ lug m mdicatkm of cncrypi^.d data to be dcciypivd; 

3 tratisruntn^g to =s clicul a hull corre-^.f on^img to ihc uklicanon, ;md a 
decryption JosvnIoaJable 'br deu^ iiu> an inlcnucdi<stc >ndcx tiom a pd!>^\-voui 

5 and the hini; 

receivHi.o the tntcnuaiiaio index liotr. ihe eheni, and 
" dcj^vuig J Jec^yption kev tVoru <i sck ond .secrel c<.>nefepunding to the u-su 

^ and the inietTriediaie tndex 



^ M} A svsleaK compn-^ing" 

: a 5rcond secret cone-^pondirg lo a ussi, 

_i a decryptior; (ic^Vvnloadabie for gyrteratinf an intcnist-diatc index fixmi a 

4 password and a. Iii«t; 

5 a web server lln leeHvnig an ^ndiCi^tKUi uf cncn,-pled data be 

6 dec? \rtcd, tor traiionihting the decrypi or- jicp^nlcadable <uid a hmi 

7 corrcbpoiH'iiug to the iodieatioJ^ ?c & cheni, and for rrcs'ss u\g an ititcnncduie 

8 index from the eheni; dnd 

\) a server- 1 e^uJenx ?vicdu1e fv>T dydvuig a key for dec5->ptmg tiie env;npted 

1 0 data from ihe second secret and the irucnncdu\te index 
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